AMENDMENTS TO THE CLAIMS 



1. (Currently Amended) A method of providing access to services across a computer 
network, comprising the step of: 

generating an authentication, authorization and access request by a requesting network 
access device through which, upon a successful authentication and authorization 
of an end user device to the computer network, the end user device can obtain 
access to network resources, said authentication, authorization and access request 
comprising a requesting network access device description and a plurality of 
service requests indicative of computer services for which the requesting network 
access device requests provisioning; 

wherein the requesting network access device description includes one or more of: a 

requesting network access device vendor, a requesting network access device type 
and a requesting network access device version; 

wherein the authentication, authorization and access request is a RADIUS packet 

comprising Vendor Specific Attribute (VSA) blocks, in which the requesting 
network access device description is stored ; and 

forwarding, to an authentication, authorization and access-control server, said 
authentication, authorization and access request for authentication and 
authorization of the end user device to the computer network, and for 
reconfiguring the authentication, authorization and access-control server by 
storing a dependence between the authentication, authorization and access request 
and the requesting network access device; 

wherein the authentication, authorization and access-control server is automatically 

reconfigured in real time based on the forwarded authentication, authorization and 
access request and one or more of the requests from one or more other access 
devices that are attached to the computer network and services that are required 
by the one or more other access devices; 

wherein the method is performed by one or more processors. 
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(Currently Amended) A method according to Claim 1 in which the service requests are 
defined by information contained within the - Vendor Specific Attribute ( VSA) blocks in 
the said packet. 



3. (Previously Presented) A method according to Claim 2 in which each said block contains 
a requesting network access device-type identifier and a service-request identifier. 

4. (Original) A method according to Claim 2 in which the packet is a RADIUS-compliant 
authentication request packet. 

5. (Cancelled) 

6. (Original) A method according to Claim 1 in which the service requests include a request 
for a particular service level. 

7. (Original) A method according to Claim 1 in which a policy is applied to the access 
request to determine whether access will be allowed, and if so for what services. 

8. (Previously Presented) A method according to Claim 1 in which said network resources 
are provisioned in dependence upon the access request. 

9. (Original) A method according to Claim 1 in which the steps of receiving and applying 
are performed by an access-control server or an Authentication, Authorization and Audit 
(AAA) server. 

10. (Original) A method according to Claim 9 in which the access-control server uses the 
access request to select among multiple services that are specified for a particular device. 

11. -12. (Cancelled) 
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13. (Currently Amended) A network device, comprising: 
one or more processors; 

a network interface capable of being coupled to a requesting network access device and a 
computer network and for sending access requests to the network access requests, 
a processor ] _and 

a computer-readable storage medium having one or more stored sequences of instructions 
which, when executed, cause the processor to perform the steps of: 

generating an authentication, authorization and access request by the requesting network 
access device through which, upon a successful authentication and authorization 
of an end user device to the computer network, the end user device can obtain 
access to network resources for forwarding via the network interface, said 
authentication, authorization and access request comprising a requesting network 
access device description and a plurality of service requests indicative of 
computer services for which the requesting network access device requests 
provisioning; 

wherein the requesting network access device description includes one or more of: a 

requesting network access device vendor, a requesting network access device type 
and a requesting network acc e ss device; 

wherein the authentication, authorization and access request is a RADIUS packet 

comprising Vendor Specific Attribute (VSA) blocks, in which the requesting 
network access device description is stored ;-and 

forwarding, to an authentication, authorization and access-control server, said 
authentication, authorization and access request for authentication and 
authorization of the end user device to the computer network, and for 
reconfiguring the authentication, authorization and access-control server by 
storing a dependence between the authentication, authorization and access request 
and the requesting network access device; 

wherein the authentication, authorization and access-control server is automatically 

reconfigured in real time based on the forwarded authentication, authorization and 
access request and one or more of the requests from one or more other access 
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devices that are attached to the computer network and services that are required 



by the one or more other access devices . 



14. (Currently Amended) A network device according to Claim 13 in which the service 
requests are defined by information contained within the - Vendor Specific Attribute 
fVSA) blocks in this said packet. 

15. (Previously Presented) A network device according to Claim 14 in which each said block 
contains a requesting network access device-type identifier and a service -request 
identifier. 

16. (Original) A network device according to Claim 14 in which the packet is a RADIUS- 
compliant authentication request packet. 

17. (Canceled) 

18. (Original) A network device according to Claim 13 in which the service requests 
include a request for a particular service level. 

19. (Currently Amended) A computer system comprising 

an access-control server for controlling access to resources on the network when 
requested by requesting network access devices, the access-control server being arranged: 
(a) to receive an authentication, authorization and access request by a requesting 
network access device through which, upon a successful authentication and 
authorization of an end user device to the computer network, the end user device 
can obtain access to network resources, said authentication, authorization and 
access request comprising a requesting network access device description and a 
plurality of service requests indicative of computer services for which the 
requesting network access device requests provisioning; 
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wherein the requesting network access device description includes one or more 
of: a requesting network access device vendor, a requesting network 
access device type and a requesting network access device version; 

wherein the authentication, authorization and access request is a RADIUS packet 
comprising Vendor Sp e cific Attribute (VSA) blocks, in which the 
requesting network access device description is stored ;-and 

(b) to apply a policy to the authentication, authorization and access request to 
determine whether the end user device can access the computer network, and if so 
for what services; 

(c) to reconfigure the access control server by storing a dependence between the 
authentication, authorization and access request and the requesting network access 
device ; wherein the authentication, authorization and access-control server is 
automatically reconfigured in real time based on the forwarded authentication, 
authoiization and access request and one or more of the requests from one or 
more other access devices that are attached to the computer network and services 
that are required by the one or more other access devices . 

20. (Original) A computer system according to Claim 19 in which the access control server 
instructs the provisioning of network resources in dependence upon the access request. 

21. (Original) A computer system according to Claim 19 in which the access-control server 
is an Authentication, Authorization and Audit (AAA) server. 

22. (Original) A computer system according to Claim 19 in which the access-control server 
uses the access request to select among multiple services that are specified for a particular 
device. 

23. (Currently Amended) A computer-readable non-transitory storage medium storing a 
sequence of instructions which, when executed by one or more processors, causes said 
processor or processors to perform the steps of: 
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generating an authentication, authorization and access request by a requesting network 
access device through which, upon a successful authentication and authorization 
of an end user device to the computer network, the end user device can obtain 
access to network resources, said authentication, authorization and access 
comprising a requesting network access device description and a plurality of 
service requests indicative of computer services for which the requesting network 
access device requests provisioning; 

wherein the requesting network access device description includes one or more of: a 

requesting network access device vendor, a requesting network access device type 
and a requesting network access device version; 

wherein the authentication, authorization and access request is a RADIUS packet 

comprising Vendor Specific Attribute (VSA) blocks, in which the requesting 
network access device description is stored ; and 

forwarding, to an authentication, authorization and access-control server, said 
authentication, authorization and access request for authentication and 
authorization of the end user device to the computer network, and for 
reconfiguring the authentication, authorization and access-control server by 
storing a dependence between the authentication, authorization and access request 
and the requesting network access device; 

wherein the authentication, authorization and access-control server is automatically 

reconfigured in real time based on the forwarded authentication, authorization and 
access request and one or more of the requests from one or more other access 
devices that are attached to the computer network and services that are required 



24. (Currently Amended) A computer-readable storage medium according to Claim 23 in 
which the service requests are defined by information contained within the - Vendor 
Specific Attribute ( VSA) blocks in said packet. 



50325-0837 (Seq. No. 7345) 



7 



25. 



(Previously Presented) A computer-readable storage medium according to Claim 24 
further including instructions for creating within each said block a requesting network 
access device-type identifier and a service-request identifier. 



26. (Previously Presented) A computer-readable storage medium according to Claim 24 in 
which the generated packet is a RADIUS-compliant authentication request packet. 

27. (Canceled) 

28. (Previously Presented) A computer-readable storage medium according to Claim 23, in 
which service requests include a request for a particular service level. 

29. (Previously Presented) A network device as claimed in claim 1 1 or claim 13 comprising 
a requesting network access device which controls end-user device access to a network, 
and which requests services on behalf of one or more said end-user devices. 

30. (Previously Presented) A network device as claimed in claim 1 1 or claim 13 in which 
said requesting network access device requests services for its own use. 
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